diff --git a/install/root.hist b/install/root.hist
new file mode 100644
index 0000000..166fa96
--- /dev/null
+++ b/install/root.hist
@@ -0,0 +1,408 @@
+ 1 apt update
+ 2 apt install autoconf automake libtool pkg-config gcc curl curl-dev
+ 3 apt install autoconf automake libtool pkg-config gcc curl curl-dev
+ 4 reboot
+ 5 apt install automake autoconf libtool autoconf-archive gcc libglibc2-0 pkg-config uriparser-dev libgcrypt-dev uthash-dev
+ 6 apt search libglib
+ 7 apt search glibc
+ 8 apt install automake autoconf libtool autoconf-archive gcc glibc-source pkg-config uriparser-dev libgcrypt-dev uthash-dev
+ 9 apt search uriparser
+ 10 apt install automake autoconf libtool autoconf-archive gcc glibc-source pkg-config liburiparser-dev libgcrypt-dev uthash-dev
+ 11 apt install git
+ 12 apt install automake autoconf libtool autoconf-archive gcc glibc-source pkg-config liburiparser-dev libgcrypt-dev uthash-dev g++ libssl-dev uthash-dev m4 build-essential libmocka0 libmocka-dev
+ 13 apt install automake autoconf libtool autoconf-archive gcc glibc-source pkg-config liburiparser-dev libgcrypt-dev uthash-dev g++ libssl-dev uthash-dev m4 build-essential libcmocka0 libcmocka-dev
+ 14 cat /sys/class/tpm/tpm0/power
+ 15 cat /sys/class/tpm/tpm0/power/runtime_status
+ 16 cat /sys/class/tpm/tpm0/power/runtime_enabled
+ 17 cat /sys/class/tpm/tpm0/device/status
+ 18 cat /sys/class/tpm/tpm0/device/uid
+ 19 cat /sys/class/tpm/tpm0/device/description
+ 20 cat /sys/class/tpm/tpm0/device/driver/MSFT0101\:00
+ 21 cat /sys/class/tpm/tpm0/dev
+ 22 cat /sys/class/tpm/tpm0/ppi/tcg_operations
+ 23 cat /sys/class/tpm/tpm0/ppi/version
+ 24 cat /sys/class/tpm/tpm0/ppi/vs_operations
+ 25 cat /sys/class/tpm/tpm0/ppi/transition_action
+ 26 response
+ 27 cat /sys/class/tpm/tpm0/ppi/response
+ 28 cat /sys/class/tpm/tpm0/ppi/request
+ 29 cat /sys/class/tpm/tpm0/ppi/response
+ 30 reboot
+ 31 cd tpm2-tss
+ 32 ./configure --with-ptpm=/sys/class/tpm/tpm0 --with-prefix=/usr --with-udevrulesdir=/etc/udev/rules.d
+ 33 make -j5
+ 34 echo $?
+ 35 make install
+ 36 echo $?
+ 37 udevadm control --reload-rules && udevadm trigger
+ 38 ldconfig
+ 39 ./configure --enable doxygen-doc
+ 40 ./configure --enable-doxygen-doc
+ 41 make doxygen-doc
+ 42 make
+ 43 make clean
+ 44 make
+ 45 make clean
+ 46 ./configure --with-ptpm=/sys/class/tpm/tpm0 --with-prefix=/usr --with-udevrulesdir=/etc/udev/rules.d --enable-doxygen-doc
+ 47 make -j5
+ 48 make install
+ 49 apt install doxygen-dev
+ 50 apt install doxygen
+ 51 ./configure --enable-doxygen-doc
+ 52 make doxygen-doc
+ 53 cd ../tpm2-abrmd/
+ 54 ./bootstrap
+ 55 apt install dbus-1
+ 56 apt search dbus-a
+ 57 apt search dbus
+ 58 apt search dbus-1
+ 59 apt install dbus dbus-1-dbg libdbus-1-dev libdbus-1-3
+ 60 useradd --system --user-group tss
+ 61 ./bootstrap
+ 62 ./configure --help
+ 63 #./configure --dbuspolicydir=/etc/dbus-1/system.d --with-udevrulesdir=/usr/lib/udev/rules.d --with-systemdsystemunitdir=/usr/lib/systemd/system --libdir=/usr/lib64 --prefix=/usr
+ 64 exit
+ 65 find / -name udev
+ 66 #./configure --dbuspolicydir=/etc/dbus-1/system.d --with-udevrulesdir=/lib/udev/rules.d/ --with-systemdsystemunitdir=/lib/systemd/system --libdir=/lib64/ --prefix=/usr
+ 67 cd tpm2-abmrd
+ 68 cd tpm2-abrmd/
+ 69 ./configure --dbuspolicydir=/etc/dbus-1/system.d --with-udevrulesdir=/lib/udev/rules.d/ --with-systemdsystemunitdir=/lib/systemd/system --libdir=/lib64/ --prefix=/usr
+ 70 ./configure --with-dbuspolicydir=/etc/dbus-1/system.d --with-udevrulesdir=/lib/udev/rules.d/ --with-systemdsystemunitdir=/lib/systemd/system --libdir=/lib64/ --prefix=/usr
+ 71 echo $?
+ 72 apt install libglib2.0-dev
+ 73 ./configure --with-dbuspolicydir=/etc/dbus-1/system.d --with-udevrulesdir=/lib/udev/rules.d/ --with-systemdsystemunitdir=/lib/systemd/system --libdir=/lib64/ --prefix=/usr
+ 74 echo $?
+ 75 ./configure --with-dbuspolicydir=/etc/dbus-1/system.d --with-systemdsystemunitdir=/lib/systemd/system --libdir=/lib64/ --prefix=/usr
+ 76 make -j5
+ 77 echo $?
+ 78 make install
+ 79 echo $?
+ 80 cd ../tpm2-tools
+ 81 ./bootstrap
+ 82 ./configure --help
+ 83 ./configure --prefix=/usr
+ 84 echo $?
+ 85 apt install libcurl
+ 86 apt install curl-dev
+ 87 apt install curl
+ 88 ./configure --prefix=/usr
+ 89 apt install libcurl-dev
+ 90 apt install libcurl-openssl-dev
+ 91 apt install libcurl4-dev
+ 92 apt install libcurl4-openssl-dev
+ 93 ./configure --prefix=/usr
+ 94 apt install pyyaml
+ 95 apt search pyyaml
+ 96 apt install python-pretty-yaml
+ 97 ./configure --prefix=/usr
+ 98 echo $?
+ 99 make -j5
+ 100 make install
+ 101 echo $?
+ 102 tpm2pcrlist
+ 103 tpm2_pcrlist
+ 104 cd ..
+ 105 git clone htttps://github.com/theopolis/tpm2-examples
+ 106 git clone https://github.com/theopolis/tpm2-examples
+ 107 cd tpm2-examples/
+ 108 make
+ 109 apt install clang
+ 110 apt install clang++
+ 111 apt install clang
+ 112 apt remove clang
+ 113 apt install clang
+ 114 apt install clang++
+ 115 apt install clang+
+ 116 apt install clang
+ 117 make
+ 118 find /lib64 -name tpm20
+ 119 find /lib -name tpm20
+ 120 find /lib -name tpm
+ 121 find / -name tpm20.h
+ 122 cat /lib64/libtss2-tcti-tabrmd.1
+ 123 cat /lib64/libtss2-tcti-tabrmd.a
+ 124 tpm2_quote
+ 125 tpm2_quote -L
+ 126 tpm2_quote -l
+ 127 man tpm2_quote
+ 128 tpm2_nvlist
+ 129 tpm2_getcap
+ 130 tpm2_getmanufec
+ 131 tpm2_listpersistent
+ 132 tpm2_pcrlist
+ 133 tpm2_pcrlist 0
+ 134 tpm2_pcrlist --halg=sha256
+ 135 tpm2_pcrlist --halg=sha384
+ 136 tpm2_pcrlist --halg=sha256 --sel-list=1
+ 137 tpm2_pcrlist --halg=sha256 -L
+ 138 tpm2_pcrlist --halg=sha256 -s
+ 139 tpm2_pcrlist --algs
+ 140 tpm2_hash
+ 141 tpm2_hash --help
+ 142 tpm2_encryptdecrypt
+ 143 tpm2_encryptdecrypt --mode=start
+ 144 cd ..
+ 145 rm -rf tpm2-examples/
+ 146 cd Downloads/
+ 147 dpkg install atom-amd64.deb
+ 148 apt install atom-amd64.deb
+ 149 apt install ./atom-amd64.deb
+ 150 tpm2_encryptdecrypt
+ 151 tpm2_encryptdecrypt --auth-key=helloworld
+ 152 tpm2_encryptdecrypt --auth-key=helloworld 0
+ 153 tpm2_encryptdecrypt --auth-key=helloworld --iv=helloworld
+ 154 apt install unifont
+ 155 ls -la
+ 156 cat README
+ 157 ./autogen.sh
+ 158 ./configure
+ 159 apt install bison
+ 160 apt install flex bison binutils
+ 161 apt install libdevmapper sdl libpciaccess libusb
+ 162 apt search libdevmapper
+ 163 apt search libpciaccess
+ 164 apt searc hsdl
+ 165 apt search sdl
+ 166 apt search libusb
+ 167 apt install libusb-1.0-0-dev libsdl2-dev libpciaccess-dev libdevmapper-dev
+ 168 ./configure
+ 169 configure --help
+ 170 ./configure --help
+ 171 ./configure --enable-efiemu --enable-grub-emu-sdl --enable-grub-emu-pci
+ 172 make
+ 173 echo $?
+ 174 make check
+ 175 make && make install
+ 176 echo $?
+ 177 make clean
+ 178 ./configure --enable-efiemu --enable-grub-emu-sdl --enable-grub-emu-pci --prefix=/usr --target=i386 --with-platform=pc
+ 179 make
+ 180 make install
+ 181 /etc/default/
+ 182 cat /etc/default/grub
+ 183 #/usr/sbin/grub-install --directory=/usr/lib/grub/i386-pc /dev/
+ 184 mount
+ 185 mount | grep boot
+ 186 #/usr/sbin/grub-mkconfig -o /boot/grub/grub.cfg
+ 187 cat /boot/grub/grub.cfg
+ 188 cp /boot/grub/grub.cfg /boot/grub/grub.cfgbak
+ 189 /usr/sbin/grub-mkconfig -o /boot/grub/grub.cfg
+ 190 reboot
+ 191 nano /boot/grub/grub.cfg
+ 192 reboot
+ 193 nano /boot/grub/grub.cfg
+ 194 reboot
+ 195 /usr/sbin/grub-install /dev/nvme0n1
+ 196 reboot
+ 197 cat /boot/grub/grub.cfg
+ 198 nano /boot/grub/grub.cfg
+ 199 /usr/sbin/grub-install /dev/nvme0
+ 200 /usr/sbin/grub-install -v /dev/nvme0
+ 201 reboot
+ 202 /usr/sbin/grub-install --directory=/usr/lib/grub/i386-pc /dev/nvme0
+ 203 /usr/sbin/grub-install --directory=/usr/lib/grub/i386-pc /dev/nvme0n1
+ 204 apt install grub-efi
+ 205 cd grub-tpm2/
+ 206 make clean
+ 207 ./configure --enable-efiemu --enable-grub-emu-sdl --enable-grub-emu-pci --prefix=/usr --target=x86_64 --with-platform=efi
+ 208 make
+ 209 make install
+ 210 /usr/sbin/grub-install --efi-directory=/boot/efi --target=x86-64 --boot-directory=/boot /dev/nvme0n1
+ 211 /usr/sbin/grub-install --efi-directory /boot/efi --target=x86-64 --boot-directory=/boot /dev/nvme0n1
+ 212 apt install libfreetype6-dev libfuse-dev liblzma-dev
+ 213 cd ..
+ 214 rm -rf ./grub-tpm2/
+ 215 git clone https://github.com/rhopfer/grub-tpm2.git
+ 216 cd grub-tpm2/
+ 217 ./autogen.sh
+ 218 ./configure --prefix=/usr --target=x86_64 --with-platform=efi --disable-werroro
+ 219 ./configure --prefix=/usr --target=x86_64 --with-platform=efi --disable-werror
+ 220 make && make install
+ 221 /usr/sbin/grub-install --version
+ 222 /usr/sbin/grub-install --efi-directory /boot/efi --target=x86-64 --boot-directory=/boot /dev/nvme0n1
+ 223 /usr/sbin/grub-install --efi-directory /boot/efi --target=x86-64 --boot-directory=/boot /dev/nvme0
+ 224 /usr/sbin/grub-install --efi-directory /boot/efi
+ 225 /usr/sbin/grub-install --target=x86-64 --boot-directory=/boot /dev/nvme0
+ 226 /usr/sbin/grub-install --efi-directory /boot/efi --target=x86-64
+ 227 /usr/sbin/grub-install --target=x86-64 --boot-directory=/boot /dev/nvme0n1
+ 228 reboot
+ 229 cd grub-tpm2/
+ 230 /usr/sbin/grub-install --target=x86-64 --boot-directory=/boot /dev/nvme0n1
+ 231 /usr/sbin/grub-install --target=x86-64-efi --boot-directory=/boot /dev/nvme0n1
+ 232 /usr/sbin/grub-install --efi-directory /boot/efi --target=x86-64-efi
+ 233 /usr/sbin/grub-install --target=x86-64-efi --efi-directory /boot/efi
+ 234 /usr/sbin/grub-install --target=x86-64-efi --efi-directory=/boot/efi --boot-directory=/boot /dev/nvme0n1
+ 235 ls /usr/lib/grub/
+ 236 /usr/sbin/grub-install --target=x86-64-efi --efi-directory=/boot/efi --boot-directory=/boot /dev/nvme0n1
+ 237 /usr/sbin/grub-install --efi-directory=/boot/efi --boot-directory=/boot /dev/nvme0n1
+ 238 reboot
+ 239 nano /boot/grub/grub.cfg
+ 240 reboot
+ 241 tpm2_pcrlist
+ 242 nano /boot/grub/grub.cfg
+ 243 /usr/sbin/grub-mkconfig -o /boot/grub/grub.cfg
+ 244 nano /boot/grub/grub.cfg
+ 245 reboot
+ 246 nc
+ 247 netcat
+ 248 apt install netcat
+ 249 apt install netcat
+ 250 apt install netcat
+ 251 exit
+ 252 apt update && apt upgrade
+ 253 apt install gnome-tweak
+ 254 apt install gnome-tweaks
+ 255 apt install gnome-tweak-tool
+ 256 exit
+ 257 apt update
+ 258 apt install netcat
+ 259 nc -l 3333
+ 260 ip addr
+ 261 nc -l 3333
+ 262 nc -l 80
+ 263 su
+ 264 exit
+ 265 mv /home/michael/Downloads/clion-2018.2.6 /opt
+ 266 /opt/clion-2018.2.6/bin/clion.sh
+ 267 exit
+ 268 LD_LIBRARY_PATH
+ 269 getenv LD_LIBRARY_PATH
+ 270 get LD_LIBRARY_PATH
+ 271 display LD_LIBRARY_PATH
+ 272 printenv
+ 273 printenv | grep LD
+ 274 cd CLionProjects/untitled/
+ 275 gcc main.c -o main -L/usr/local/lib -llibtss2-esys
+ 276 gcc main.c -o main -L/usr/local/include -llibtss2-esys
+ 277 gcc main.c -o main -L/usr/local/include/tpm2 -llibtss2-esys
+ 278 gcc main.c -o main -L/usr/local/include/tpm2 -ltss2-esys
+ 279 cc main.c -o main -L/usr/local/include/tpm2 -ltss2-esys
+ 280 LD_LIBRARY_PATH=/usr/local/lib:$LD_LIBRARY_PATH
+ 281 cc main.c -o main -L/usr/local/include/tpm2 -ltss2-esys
+ 282 LIBRARY_PATH=/usr/local/lib:$LIBRARY_PATH
+ 283 gcc -v main.c -o main -L/usr/local/include/tpm2 -ltss2-esys
+ 284 cc main.c -o main -L/usr/local/include/tpm2/ -ltss2-esys
+ 285 gcc -v main.c -o main -L/usr/local/include -ltss2-esys
+ 286 LIBRARY_PATH=/usr/local/include/tss2:$LIBRARY_PATH
+ 287 getenv
+ 288 printenv
+ 289 LIBRARY_PATH=/usr/local/include/tss2
+ 290 printenv | LIB
+ 291 printenv | grep LIB
+ 292 exit
+ 293 apt install ldd ldconfig
+ 294 apt install build-essentials
+ 295 apt install build_essentials
+ 296 apt search essentials
+ 297 history | grep install
+ 298 apt install libc-bin
+ 299 ldconfig
+ 300 exit
+ 301 apt install cmake
+ 302 ldconfig
+ 303 ldconfig -p
+ 304 man ldconfig
+ 305 ldconfig -l
+ 306 man ldconfig
+ 307 cd /usr/local/lib/
+ 308 ls
+ 309 ldconfig -l /usr/local/lib/
+ 310 ldconfig -l /usr/local/lib/*
+ 311 ldconfig -p
+ 312 ldconfig -p | local
+ 313 ldconfig -p | grep local
+ 314 cd /home/michael/CLionProjects/untitled/
+ 315 ls
+ 316 /opt/clion-2018.2.6/bin/cmake/linux/bin/cmake --build /home/michael/CLionProjects/untitled/cmake-build-debug --target untitled -- -j 2
+ 317 cmake --build . --target untitled
+ 318 cmake .
+ 319 cmake .
+ 320 ls
+ 321 ls
+ 322 make .
+ 323 ls
+ 324 ls -lha
+ 325 cat Makefile
+ 326 clear
+ 327 ls
+ 328 rm Makefile
+ 329 ls
+ 330 rm CMakeCache.txt
+ 331 rm -r CMakeFiles/
+ 332 ls
+ 333 rm cmake_install.cmake
+ 334 ls
+ 335 rm main
+ 336 ls
+ 337 mkdir build
+ 338 cd build/
+ 339 cmake ..
+ 340 ls
+ 341 cat Makefile
+ 342 ls
+ 343 make
+ 344 ldconfig -p | grep lib
+ 345 ldconfig -p | grep local
+ 346 ls
+ 347 cd ..
+ 348 cd build/
+ 349 rm -rf .
+ 350 ls
+ 351 cd ..
+ 352 rm -rf build/*
+ 353 cd build/
+ 354 cmake ..
+ 355 make
+ 356 tpm2tss-genkey -a rsa -s 2048 mykey_rsa
+ 357 dbus
+ 358 tpm2_pcrlist
+ 359 cd ..
+ 360 ls
+ 361 cd build
+ 362 ls
+ 363 cd ..
+ 364 cd cmake-build-debug/
+ 365 ls
+ 366 ./untitled
+ 367 ls /dev
+ 368 ./untitled
+ 369 systemctl status
+ 370 systemctl status --all
+ 371 systemctl status --all | grep tpm
+ 372 systemctl status --all | grep abrmd
+ 373 systemctl status --all | grep abrm
+ 374 tpm2-abrmd
+ 375 exit
+ 376 tpm2-abrmd --allow-root
+ 377 tpm2-abrmd --allow-root &
+ 378 ./untitled
+ 379 ./cmake-build-debug/untitled
+ 380 ls /dev
+ 381 kill 5912
+ 382 ./cmake-build-debug/untitled
+ 383 ./cmake-build-debug/untitled
+ 384 ./cmake-build-debug/untitled | grep Result
+ 385 ./cmake-build-debug/untitled
+ 386 ./cmake-build-debug/untitled | grep ess
+ 387 ./cmake-build-debug/untitled
+ 388 ./cmake-build-debug/untitled
+ 389 ./cmake-build-debug/untitled
+ 390 apt install valgrind
+ 391 groups michael
+ 392 groups
+ 393 cat /etc/group
+ 394 usermod -a -G tss michael
+ 395 groups michael
+ 396 ls -la /dev/tpm
+ 397 ls -la /dev/tpm*
+ 398 reboot
+ 399 tpm2_getrandom
+ 400 man tpm2_getrandom
+ 401 tpm2_getrandom 5
+ 402 tpm2_getrandom 650
+ 403 tpm2_getrandom 32
+ 404 tpm2_getrandom 32
+ 405 sudo /opt/clion-2018.2.6/bin/clion.sh
+ 406 history
+ 407 /opt/clion-2018.2.6/bin/clion.sh
+ 408 history > root.hist
diff --git a/install/user.hist b/install/user.hist
new file mode 100644
index 0000000..e4092c8
--- /dev/null
+++ b/install/user.hist
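Review bot: Entries 151–153 put a key authorization value on the command line (`tpm2_encryptdecrypt --auth-key=helloworld`), and committing the unedited root history publishes it along with the local account name, home paths and the boot disk device. `helloworld` looks like a test string, but install notes built from `history` will capture real auth values the same way, so this file is better replaced by a curated script that keeps only the commands that worked and reads auth values from a prompt or a protected file. Entries 376–377 settle on `tpm2-abrmd --allow-root` although entry 60 creates a dedicated `tss` account; the documented step should be `sudo -u tss tpm2-abrmd`, so the daemon that brokers TPM access does not run as root. The history-dump concern applies to install/user.hist as well.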
@@ -0,0 +1,102 @@
+ 1 su
+ 2 git clone https://github.com/tpm2-software/tpm2-tss.git
+ 3 git clone https://github.com/tpm2-software/tpm2-tools.git && git clone https://github.com/tpm2-software/tpm2-abrmd.git
+ 4 git clone https://github.com/rhopfer/grub-tpm2.git
+ 5 su
+ 6 ifconfig
+ 7 ip addr
+ 8 cd tpm2-tss
+ 9 ls
+ 10 ./bootstrap
+ 11 ./configure --help
+ 12 ./configure --with-ptpm=/sys/class/tpm/tpm0 --with-prefix=/usr
+ 13 ./configure --with-ptpm=/sys/class/tpm/tpm0 --with-prefix=/usr --with-udevrulesdir=/etc/udev/rules.d
+ 14 cd tpm2-tss
+ 15 su
+ 16 xit
+ 17 exit
+ 18 cd grub-tpm2/
+ 19 su
+ 20 [ -d /sys/firmware/efi ] && echo "EFI boot on HDD" || echo "Legacy boot on HDD"
+ 21 cd /boot/efi/
+ 22 su
+ 23 nano /boot/grub/grub.cfg
+ 24 su
+ 25 tpm2_pcrlist
+ 26 su
+ 27 nc
+ 28 netcat
+ 29 su
+ 30 reboot
+ 31 su
+ 32 gcc
+ 33 su
+ 34 /opt/clion-2018.2.6/bin/clion.sh
+ 35 su
+ 36 printenv
+ 37 printenv | grep LIB
+ 38 setenv
+ 39 export
+ 40 export LIBRARY_PATH=/usr/local/include/tss2
+ 41 printenv | grep LIB
+ 42 gcc -v main.c -o main -ltss2-esys
+ 43 ls
+ 44 cd CLionProjects/untitled/
+ 45 gcc -v main.c -o main -ltss2-esys
+ 46 export LD_LIBRARY_PATH=/usr/local/include/tss2
+ 47 gcc -v main.c -o main -ltss2-esys
+ 48 export C_INCLUDE_PATH=/usr/local/include/tss2:$C_INCLUDE_PATH
+ 49 printenv | grep INC
+ 50 gcc -v main.c -o main -ltss2-esys
+ 51 g++ -v main.c -o main -ltss2-esys
+ 52 export CPLUS_INCLUDE_PATH=/usr/local/include/tss2:$CPLUS_INCLUDE_PATH
+ 53 g++ -v main.c -o main -ltss2-esys
+ 54 gcc -v main.c -o main -ltss2-esys
+ 55 g++ -v main.c -o main -ltss2-esys
+ 56 python ~/Documents/tpmtest.py
+ 57 gcc -v main.c -o main -ltss2-esys
+ 58 gcc -v main.c -o main -ltss2-esys -lesys_iutil
+ 59 export C_PATH=/usr/local/include/tss2:$C_PATH
+ 60 export C_PATH=/home/michael/tpm2-tss/src:$C_PATH
+ 61 gcc -v main.c -o main -ltss2-esys -lesys_iutil
+ 62 export C_PATH=/home/michael/tpm2-tss/src/tss2-esys:$C_PATH
+ 63 gcc -v main.c -o main -ltss2-esys -lesys_iutil
+ 64 gcc -v main.c -o main -ltss2-esys
+ 65 cmake build
+ 66 /opt/clion-2018.2.6/bin/cmake/linux/bin/cmake --build
+ 67 /opt/clion-2018.2.6/bin/cmake/linux/bin/cmake --build .
+ 68 ld
+ 69 ldconfig
+ 70 cd CLionProjects/untitled/
+ 71 gcc -v main.c -o main -ltss2-esys
+ 72 export C_PATH=/usr/local/include/tss2:$C_PATH
+ 73 gcc -v main.c -o main -ltss2-esys
+ 74 export C_PATH=/usr/local/include/tss2:$C_PATH
+ 75 gcc -v main.c -o main -ltss2-esys
+ 76 printenv
+ 77 printenv | grep C_P
+ 78 export C_PATH=/usr/local/include/tss2
+ 79 export C_PATH=/usr/local/include:$C_PATH
+ 80 gcc -v main.c -o main -ltss2-esys
+ 81 export C_INCLUDE_PATH=$C_PATH
+ 82 gcc -v main.c -o main -ltss2-esys
+ 83 gcc main.c -o main -ltss2-esys
+ 84 ./main
+ 85 printenv | grep C_P
+ 86 printenv | grep C_I
+ 87 ldconfig
+ 88 ldd
+ 89 ld
+ 90 su
+ 91 ldconfig
+ 92 su
+ 93 tpm2-abrmd
+ 94 su
+ 95 tpm2_getrandom
+ 96 sudo -i
+ 97 su
+ 98 history
+ 99 sudo -i
+ 100 su
+ 101 history
+ 102 history > user.hist
diff --git a/presentation/190115_secondshort/header.tex b/presentation/190115_secondshort/header.tex
new file mode 100755
index 0000000..3b2d823
--- /dev/null
+++ b/presentation/190115_secondshort/header.tex
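Review bot: Entries 2–4 clone tpm2-tss, tpm2-tools, tpm2-abrmd and grub-tpm2 at whatever the default branch holds, with no tag or commit recorded, and install/root.hist then builds and installs these trees from a root shell, including a replacement bootloader. Pin each checkout right after the clone, for example `git -C tpm2-tss checkout <release-tag>` (placeholder; pick and verify a tag per repository), and note the resulting commit id in the install notes. For a measured-boot setup this also matters for the measurements themselves, since a different bootloader build would presumably yield different PCR values. Building as the unprivileged user and elevating only for `make install` would keep the configure and make scripts of those trees out of the root shell.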
@@ -0,0 +1,62 @@
+\usepackage[naustrian]{babel}
+\usepackage[utf8]{inputenc}
+\usepackage[T1]{fontenc}
+
+%Designvorlage
+\usetheme{Boadilla}
+
+%Font Typeface
+\usepackage{paratype}
+
+\usepackage{graphicx}
+\usepackage{url}
+\usepackage{pgfpages}
+\usepackage{lmodern}
+
+\usepackage{listings}
+
+\usepackage{marvosym}
+\usepackage{textcomp}
+
+\usepackage{tikz}
+\usepackage{geometry}
+\usepackage{layout}
+\usepackage{amsmath}
+\usepackage{amssymb}
+\usepackage{textcomp}
+
+
+%properties for listings:
+\lstset{
+ language=[LaTeX]TeX, %language
+ basicstyle=\footnotesize\ttfamily, %common font style
+ xleftmargin=8pt,
+ numbers=left, %line numbers
+ numberstyle=\tiny,
+ numberfirstline=true,
+ stepnumber=1,
+ numbersep=5pt,
+ tabsize=2, %size of tabulator
+ columns=flexible,
+ upquote=true,
+ literate= %Umlauts in source files
+ {Ö}{{\"O}}1
+ {Ä}{{\"A}}1
+ {Ü}{{\"U}}1
+ {ß}{{\ss}}2
+ {ü}{{\"u}}1
+ {ä}{{\"a}}1
+ {ö}{{\"o}}1
+}
+
+%Beamer preferences
+\AtBeginSection[]
+{
+ \begin{frame}
+ \frametitle{Inhalt}
+ \tableofcontents[
+ currentsection,
+ sectionstyle=show/show,
+ hideothersubsections]
+ \end{frame}
+}
\ No newline at end of file
diff --git a/presentation/190115_secondshort/second.pdf b/presentation/190115_secondshort/second.pdf
new file mode 100644
index 0000000..175e856
Binary files /dev/null and b/presentation/190115_secondshort/second.pdf differ
diff --git a/presentation/190115_secondshort/second.tex b/presentation/190115_secondshort/second.tex
new file mode 100644
index 0000000..7f03545
--- /dev/null
+++ b/presentation/190115_secondshort/second.tex
@@ -0,0 +1,142 @@
+\documentclass[naustrian,notes]{beamer}
+
+\input{header}
+%Titelinformationen
+\title[Digidow Biometric Sensor]{Digital Shadow: Biometric Sensor}
+\subtitle{Master's Thesis Seminar}
+\author[Michael Preisach]{Michael Preisach}
+\date{January 15, 2019}
+\institute[INS]{\includegraphics[width=0.1\textwidth]{../../resources/ins}}
+
+\begin{document}
+\begin{frame}
+ \titlepage
+\end{frame}
+
+\begin{frame}
+ \frametitle{Project Overview Digital Shadow}
+ \begin{figure}
+ \centering
+ \includegraphics[width=0.9\textwidth]{../../resources/globalview}
+ \end{figure}
+\end{frame}
+
+\begin{frame}
+ \frametitle{Physical Overview}
+ \begin{figure}
+ \centering
+ \includegraphics[height=0.8\textheight]{../../resources/networkview2.pdf}
+ \end{figure}
+
+\end{frame}
+
+ \begin{frame}
+\frametitle{TPM2: Platform Configuration Registers (PCR)\footnote{Arthur, Challener: \emph{A Practical Guide to TPM 2.0}}}
+\begin{columns}
+ \begin{column}{0.5\textwidth}
+ \begin{itemize}
+ \item 24 Registers (for the PC)
+ \item represents state of measured unit
+ \item reset only by power cycle
+ \item SHA1 or SHA256
+ \item modify by \emph{Extend()}: \\
+ {\scriptsize\texttt{newPCR = Digest(oldPCR || data)}}
+ \item extension chain possible
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.5\textwidth} %%<--- here
+ \begin{scriptsize}
+ \begin{tabular}{c|p{3.5cm}}
+ PCR &Allocation\\\hline
+ 0 &BIOS \\
+ 1 &BIOS Config \\
+ 2 &Option ROM \\
+ 3 &Option ROM Config \\
+ 4 &MBR \\
+ 5 &MBR Config \\
+ 6 &State transition and wake events\\
+ 7 &Platform specific measurements\\
+ 8-15 &Static OS\\
+ 16 &Debug\\
+ 17-22 &General Purpose\\
+ 23 &Application Support\\
+ \end{tabular}
+ \end{scriptsize}
+ \end{column}
+\end{columns}
+\end{frame}
+
+\begin{frame}
+\frametitle{TPM2: Platform Configuration Registers (PCR)\footnote{\url{https://github.com/Rohde-Schwarz-Cybersecurity/TrustedGRUB2}}}
+ \begin{center}
+ \begin{tabular}{l|l}
+ Component &measured by\\\hline
+ BIOS &CRTM \\
+ TrustedGRUB MBR bootcode &BIOS \\
+ TrustedGRUB kernel (\texttt{diskboot.img}) &TrustedGRUB MBR bootcode \\
+ TrustedGRUB kernel (\texttt{core.img}) &\texttt{diskboot.img} \\
+ GRUB modules + OS &TrustedGRUB kernel \\
+ Applications &OS (e.g. Linux IMA) \\
+ \end{tabular}
+ \end{center}
+\end{frame}
+
+\begin{frame}
+ \frametitle{Linux Integrity Measurement Architecture (IMA)
+ \footnote{\url{https://wiki.strongswan.org/projects/strongswan/wiki/IMA}}
+ \footnote{\url{https://sourceforge.net/p/linux-ima/wiki/Home/}}}
+ \begin{itemize}
+ \item Kernel extension for measuring accessed files
+ \item configurable via policies (access mode, files, users, \ldots)
+ \item standardized log file entries
+ \item extend PCR and create log file entry
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+\frametitle{Attestation}
+ \begin{enumerate}
+ \item hash a number of PCR values (= \emph{Quote})
+ \item sign hash with TPM key
+ \item remote party validates signing key
+ \item remote party validates values of PCRs
+ \item remote party validates values of (IMA-)Event log
+ \end{enumerate}
+\end{frame}
+
+
+\begin{frame}
+ \frametitle{State of the Project: What is Done}
+ \begin{itemize}
+ \item small PC with dedicated TPM2 device
+ \item installed GRUB-TPM2
+ \item installed TPM2-ESAPI and development environment
+ \item read most parts of the book \emph{Trusted Computing Platforms -
+ TPM2.0 in Context} and implemented basic examples
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+ \frametitle{State of the Project: What is next}
+ \begin{itemize}
+ \item solve remaining problems with GRUB-TPM2
+ \item implementing more complex tasks with the TPM2
+ \item understanding \emph{Direct Anonymous Attestation} (DAA)
+ \item define and develop a trusted environment between BS and PA
+ \end{itemize}
+\end{frame}
+
+\begin{frame}
+\frametitle{Questions}
+\begin{itemize}
+ \item IMA also works for other system calls?
+ \item Details about CRTM
+\end{itemize}
+\end{frame}
+
+
+
+
+
+
+\end{document}
diff --git a/resources/networkview2.fig b/resources/networkview2.fig
new file mode 100644
index 0000000..d0eeb45
--- /dev/null
+++ b/resources/networkview2.fig
@@ -0,0 +1,281 @@ +#FIG 3.2 Produced by xfig version 3.2.7 +Landscape +Center +Inches +Letter +100.00 +Single +-2 +1200 2 +0 32 #c6b797 +0 33 #eff8ff +0 34 #dccba6 +0 35 #404040 +0 36 #808080 +0 37 #c0c0c0 +0 38 #e0e0e0 +0 39 #8e8f8e +0 40 #aaaaaa +0 41 #555555 +0 42 #c7c3c7 +0 43 #565151 +0 44 #8e8e8e +0 45 #d7d7d7 +0 46 #85807d +0 47 #d2d2d2 +0 48 #3a3a3a +0 49 #4573aa +0 50 #aeaeae +0 51 #7b79a5 +0 52 #444444 +0 53 #73758c +0 54 #f7f7f7 +0 55 #414541 +0 56 #635dce +0 57 #bebebe +0 58 #515151 +0 59 #e7e3e7 +0 60 #000049 +0 61 #797979 +0 62 #303430 +0 63 #414141 +0 64 #c7b696 +6 8250 3750 9000 5025 +1 1 0 1 0 7 50 -1 -1 0.000 1 0.0000 8625 4927 76 69 8625 4927 8679 4976 +2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 + 8304 3799 8946 3799 8946 4829 8304 4829 8304 3799 +2 4 0 1 0 7 50 -1 -1 0.000 0 0 5 0 0 5 + 9000 5025 9000 3750 8250 3750 8250 5025 9000 5025 +-6 +6 6075 6000 6825 7275 +1 1 0 1 0 7 50 -1 -1 0.000 1 0.0000 6450 7177 76 69 6450 7177 6504 7226 +2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 + 6129 6049 6771 6049 6771 7079 6129 7079 6129 6049 +2 4 0 1 0 7 50 -1 -1 0.000 0 0 5 0 0 5 + 6825 7275 6825 6000 6075 6000 6075 7275 6825 7275 +-6 +6 6913 3234 7918 3609 +4 0 0 50 -1 1 10 0.0000 0 150 1005 6913 3564 Signed Response\001 +4 0 0 50 -1 1 10 0.0000 0 135 690 6913 3339 Trust(CA)\001 +-6 +6 1015 2203 6715 5128 +6 1015 2653 4765 5128 +6 2215 4453 2815 5053 +2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 + 2215 5053 2815 5053 2815 4453 2215 4453 2215 5053 +4 1 0 50 -1 2 12 0.0000 0 150 465 2515 4828 TPM\001 +-6 +6 1240 3478 1990 4603 +5 1 0 1 -1 -1 0 0 -1 0.000 0 1 0 0 1615.000 3553.000 1240 4453 1615 4528 1990 4453 +1 2 0 1 0 7 50 -1 -1 0.000 1 0.0000 1615 3553 375 75 1240 3478 1990 3628 +2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 + 1990 3553 1990 4453 +2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 + 1240 3553 1240 4453 +-6 +2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 + 3565 3403 4615 3403 4615 3928 3565 3928 3565 3403 +2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 + 3565 2803 4615 2803 4615 
3328 3565 3328 3565 2803 +2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 + 3565 4003 4615 4003 4615 4528 3565 4528 3565 4003 +2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 + 2515 2803 3565 2803 3565 3328 2515 3328 2515 2803 +2 2 1 1 0 7 51 -1 -1 4.000 0 0 -1 0 0 5 + 4690 2728 2215 2728 2215 5053 4690 5053 4690 2728 +2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 + 1015 2653 4765 2653 4765 5128 1015 5128 1015 2653 +2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 + 2515 3028 1990 3703 +4 0 0 50 -1 1 10 0.0000 0 105 1320 2890 4978 Trusted Environment\001 +4 1 0 50 -1 1 10 0.0000 0 135 480 3040 3028 Manage\001 +4 1 0 50 -1 1 10 0.0000 0 105 465 3040 3223 Sensors\001 +4 1 0 50 -1 1 10 0.0000 0 105 570 4090 3028 Network\001 +4 1 0 50 -1 1 10 0.0000 0 105 555 4090 3223 Interface\001 +4 1 0 50 -1 1 10 0.0000 0 150 615 4090 3628 Operating\001 +4 1 0 50 -1 1 10 0.0000 0 135 450 4090 3823 System\001 +4 1 0 50 -1 1 10 0.0000 0 105 615 4090 4228 Firmware\001 +4 1 0 50 -1 1 10 0.0000 0 105 615 4090 4423 Hardware\001 +4 1 0 50 -1 1 10 0.0000 0 105 615 1615 3028 Biometric\001 +4 1 0 50 -1 1 10 0.0000 0 105 540 1615 3253 Database\001 +-6 +# Desktop tower +# Drawn by Dirko van Schalkwyk +6 5440 2428 6715 4303 +1 1 0 1 0 7 50 -1 -1 0.000 1 0.0000 6044 3238 20 18 6044 3238 6063 3256 +1 1 0 1 0 7 50 -1 -1 0.000 1 0.0000 6040 3342 37 34 6040 3342 6077 3375 +1 1 0 1 0 7 50 -1 -1 0.000 1 0.0000 5825 3545 12 11 5825 3545 5827 3556 +1 1 0 1 0 7 50 -1 -1 0.000 1 0.0000 5823 3608 12 11 5823 3608 5825 3619 +2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 + 5775 4066 5775 4156 5868 4162 5866 4066 5770 4061 +2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 + 5549 2620 5549 2784 6133 2804 6129 2636 5549 2620 +2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 4 + 5549 2786 5551 2950 6136 2979 6134 2804 +2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 4 + 5555 2956 5555 3116 6141 3147 6136 2982 +2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 + 5559 3154 5559 3253 5949 3278 5951 3172 5557 3152 +2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 4 + 5561 3253 5559 3356 5947 3385 5949 
3276 +3 0 0 1 0 7 50 -1 -1 0.000 0 0 0 9 + 5479 2597 5487 3613 5489 4145 5489 4179 5500 4183 5515 4183 + 5541 4183 5554 4183 5556 3426 + 0.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 + 0.000 +3 0 0 1 0 7 50 -1 -1 0.000 0 0 0 14 + 5556 4186 5556 4193 5556 4202 5688 4226 5847 4248 6002 4262 + 6074 4270 6149 4272 6144 4250 6141 4229 6139 4202 6131 3875 + 6133 3597 6144 3207 + 0.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 + 1.000 1.000 1.000 1.000 1.000 0.000 +3 0 0 1 0 7 50 -1 -1 0.000 0 0 0 5 + 6146 4275 6154 4268 6164 4262 6169 4256 6151 3361 + 0.000 1.000 1.000 1.000 0.000 +3 0 0 1 0 7 50 -1 -1 0.000 0 0 0 12 + 6172 4260 6218 4262 6254 4260 6270 4260 6252 3104 6244 2645 + 6242 2623 6234 2616 6224 2611 5855 2606 5580 2600 5479 2594 + 0.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 + 1.000 1.000 1.000 0.000 +3 0 0 1 0 7 50 -1 -1 0.000 0 0 0 17 + 6265 4260 6267 4260 6280 4250 6298 4236 6303 4229 6298 4140 + 6288 3563 6280 3030 6272 2643 6272 2625 6267 2609 6265 2601 + 6254 2600 5598 2577 5567 2575 5520 2573 5518 2575 + 0.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 + 1.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 + 0.000 +3 0 0 1 0 7 50 -1 -1 0.000 0 0 0 15 + 5474 2592 5641 2542 5927 2467 6046 2436 6509 2441 6664 2445 + 6682 2443 6687 2455 6690 2469 6695 2527 6705 3781 6705 3823 + 6685 3844 6486 4049 6303 4234 + 0.000 1.000 1.000 1.000 1.000 1.000 1.000 1.000 + 1.000 1.000 1.000 1.000 1.000 1.000 0.000 +3 0 0 1 0 7 50 -1 -1 0.000 0 0 0 2 + 6278 2652 6692 2488 + 0.000 0.000 +-6 +2 1 4 1 0 7 50 -1 -1 3.000 0 0 -1 0 0 2 + 4765 5128 6262 4261 +2 1 4 1 0 7 50 -1 -1 3.000 0 0 -1 0 0 2 + 1015 2653 6055 2442 +4 1 0 50 -1 3 12 0.0000 0 150 270 6115 2353 PA\001 +-6 +6 1575 6450 5400 8925 +2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 + 1575 6450 5400 6450 5400 8925 1575 8925 1575 6450 +2 4 0 1 0 7 50 -1 20 0.000 0 0 7 0 0 5 + 2700 7575 1800 7575 1800 7200 2700 7200 2700 7575 +2 4 0 1 0 7 50 -1 20 0.000 0 0 7 0 0 5 + 2700 8025 1800 8025 1800 7650 2700 7650 2700 8025 +2 4 0 1 0 7 
50 -1 20 0.000 0 0 7 0 0 5 + 2700 7125 1800 7125 1800 6750 2700 6750 2700 7125 +2 2 1 1 0 7 51 -1 -1 4.000 0 0 -1 0 0 5 + 5325 6525 2250 6525 2250 8850 5325 8850 5325 6525 +2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 + 2250 8850 2850 8850 2850 8250 2250 8250 2250 8850 +2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 + 3150 6825 2700 6900 +2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 + 3150 6825 2700 7350 +2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 2 + 3150 6825 2700 7800 +2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 + 4200 7200 5250 7200 5250 7725 4200 7725 4200 7200 +2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 + 4200 6600 5250 6600 5250 7125 4200 7125 4200 6600 +2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 + 4200 7800 5250 7800 5250 8325 4200 8325 4200 7800 +2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 + 3150 6600 4200 6600 4200 7125 3150 7125 3150 6600 +4 1 0 50 -1 1 10 0.0000 0 135 480 3675 6825 Manage\001 +4 1 0 50 -1 1 10 0.0000 0 105 465 3675 7020 Sensors\001 +4 1 0 50 -1 1 10 0.0000 0 150 720 2250 6975 Fingerprint\001 +4 1 0 50 -1 1 10 0.0000 0 105 225 2250 7425 Iris\001 +4 1 0 50 -1 1 10 0.0000 0 15 195 2250 7875 . . 
.\001 +4 1 0 50 -1 2 12 0.0000 0 150 465 2550 8625 TPM\001 +4 1 0 50 -1 1 10 0.0000 0 105 570 4725 6825 Network\001 +4 1 0 50 -1 1 10 0.0000 0 105 555 4725 7020 Interface\001 +4 1 0 50 -1 1 10 0.0000 0 150 615 4725 7425 Operating\001 +4 1 0 50 -1 1 10 0.0000 0 135 450 4725 7620 System\001 +4 1 0 50 -1 1 10 0.0000 0 105 615 4725 8025 Firmware\001 +4 1 0 50 -1 1 10 0.0000 0 105 615 4725 8220 Hardware\001 +4 0 0 50 -1 1 10 0.0000 0 105 1320 2925 8775 Trusted Environment\001 +-6 +6 6495 7800 7095 9000 +6 6495 7800 7095 8775 +1 2 0 1 0 7 100 0 -1 4.000 1 0.0000 6792 7925 113 114 6705 7851 6880 7997 +2 1 0 1 0 7 100 0 -1 4.000 0 0 -1 0 0 3 + 6502 8772 6792 8479 7083 8772 +2 1 0 1 0 7 100 0 -1 4.000 0 0 -1 0 0 16 + 6792 8479 6792 8450 6792 8421 6792 8392 6792 8362 6792 8333 + 6792 8304 6792 8275 6792 8245 6792 8216 6792 8187 6792 8158 + 6792 8128 6792 8099 6792 8070 6792 8041 +2 1 0 1 0 7 100 0 -1 4.000 0 0 -1 0 0 2 + 6502 8187 7083 8187 +-6 +4 1 0 50 -1 2 10 0.0000 0 105 300 6795 9000 User\001 +-6 +6 4500 5175 6075 5775 +4 2 0 50 -1 1 10 0.0000 0 135 1080 6075 5550 Trust(CA,DAA)\001 +4 2 0 50 -1 1 10 0.0000 0 105 1020 6075 5775 Data Submission\001 +4 2 0 50 -1 1 10 0.0000 0 135 1530 6075 5325 Discover(UID, Verifier)\001 +-6 +6 9975 3375 10575 4575 +6 9975 3375 10575 4350 +1 2 0 1 0 7 100 0 -1 4.000 1 0.0000 10272 3500 113 114 10185 3426 10360 3572 +2 1 0 1 0 7 100 0 -1 4.000 0 0 -1 0 0 3 + 9982 4347 10272 4054 10563 4347 +2 1 0 1 0 7 100 0 -1 4.000 0 0 -1 0 0 16 + 10272 4054 10272 4025 10272 3996 10272 3967 10272 3937 10272 3908 + 10272 3879 10272 3850 10272 3820 10272 3791 10272 3762 10272 3733 + 10272 3703 10272 3674 10272 3645 10272 3616 +2 1 0 1 0 7 100 0 -1 4.000 0 0 -1 0 0 2 + 9982 3762 10563 3762 +-6 +4 1 0 50 -1 2 10 0.0000 0 105 450 10275 4575 Officer\001 +-6 +6 8550 5475 10800 7350 +6 8625 5550 9675 6075 +2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 + 8625 5550 9675 5550 9675 6075 8625 6075 8625 5550 +4 1 0 50 -1 1 10 0.0000 0 135 480 9150 5775 Manage\001 +4 1 0 50 
-1 1 10 0.0000 0 105 900 9150 5970 Authorization\001 +-6 +6 9675 5550 10725 7275 +2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 + 9675 6150 10725 6150 10725 6675 9675 6675 9675 6150 +2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 + 9675 5550 10725 5550 10725 6075 9675 6075 9675 5550 +2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 + 9675 6750 10725 6750 10725 7275 9675 7275 9675 6750 +4 1 0 50 -1 1 10 0.0000 0 105 570 10200 5775 Network\001 +4 1 0 50 -1 1 10 0.0000 0 105 555 10200 5970 Interface\001 +4 1 0 50 -1 1 10 0.0000 0 150 615 10200 6375 Operating\001 +4 1 0 50 -1 1 10 0.0000 0 135 450 10200 6570 System\001 +4 1 0 50 -1 1 10 0.0000 0 105 615 10200 6975 Firmware\001 +4 1 0 50 -1 1 10 0.0000 0 105 615 10200 7170 Hardware\001 +-6 +2 2 0 1 0 7 50 -1 -1 0.000 0 0 -1 0 0 5 + 8550 5475 10800 5475 10800 7350 8550 7350 8550 5475 +-6 +2 1 4 1 0 7 50 -1 -1 3.000 0 0 -1 0 0 2 + 10800 5475 8978 3769 +2 1 4 1 0 7 50 -1 -1 3.000 0 0 -1 0 0 2 + 8550 7350 8250 4950 +2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 + 2 1 1.00 90.00 150.00 + 8250 4725 6825 6450 +2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 0 2 + 2 1 1.00 90.00 150.00 + 6701 3627 8250 3975 +2 1 0 1 0 7 50 -1 -1 0.000 0 0 -1 1 1 2 + 2 1 1.00 90.00 150.00 + 2 1 1.00 90.00 150.00 + 6227 5992 6021 4260 +2 1 4 1 0 7 50 -1 -1 3.000 0 0 -1 0 0 2 + 6117 6005 1575 6450 +2 1 4 1 0 7 50 -1 -1 3.000 0 0 -1 0 0 2 + 5400 8925 6814 7243 +4 1 0 50 -1 3 12 0.0000 0 150 135 8625 3675 V\001 +4 0 0 50 -1 1 10 0.0000 0 150 900 7200 6225 Request(UID)\001 +4 1 0 50 -1 3 12 0.0000 0 150 225 6450 5925 BS\001 diff --git a/resources/networkview2.pdf b/resources/networkview2.pdf new file mode 100644 index 0000000..db80bb2 Binary files /dev/null and b/resources/networkview2.pdf differ